The bloggings of Sayle

Privacy

Problem

On Tuesday Congress gave privacy a huge middle fingered salute by revoking the FCC’s rules preventing ISPs from selling your browsing history to 3rd parties. Many people, mostly in the conservative camp, applaud this as another manner of income for these “overly regulated” ISPs. Myself as a pretty libertarian thinking person usually am against regulation by the government, but am becoming more and more concerned over the destruction of regulations that were put in place to prevent wholehearted abuse by entities and corporations. This action is one of those that prevented ISPs from sharing raw info on what you were looking at with advertisers or whomever would like to purchase it.

To not get into the typical political debate on politics here I am going to provide a solution that might (key word there) help you avoid the effects of this rule being removed.

Potential Solution for Consumers

The might work solution I am giving out is to use a VPN for your internet connection.

Please note there will be some pretty big gotchas on this which I will discuss later.

Background

When discussing this in person many people look at me like yeah dude you are talking technogeek, but I use a VPN to work from home for work so that won’t help. So allow me to explain what exactly this is like a normal person instead of the normal technophile I am.

Virtual Private Networks (or VPN for short) is essentially what the name says, it is a virtual network (as in not a physical one such as the wifi or wired one in your house) that is private. So anybody that can read and think critically could probably figure that one out, so what does this it really mean?

VPNs in this case are essentially an encrypted tunnel from your device (computer, tablet, phone, router, etc.) to another server which then acts as your exit to the wider internet. Think of your data as the water coming from a water hose: the water comes from the hose bib (yep that’s what those things are called) on the side of your house into a hose, then it flows along that hose to a certain destination like your garden or lawn, and after traveling along that in the hose path the water comes out into its destination. If viewed from outside you would see the water flowing out of the hose, but not have any view of the data till that point.

Using a VPN would do the same thing in that your ISP would just see the VPN tunnel (or the hose in my analogy above) in their network and your data (the water above) is seen by the outside world as coming from the VPN tunnel instead of your device. So in theory the ISP doesn’t see your traffic and only a VPN tunnel through their network and everybody out in the wider world sees you as connecting from the endpoint of the VPN tunnel.

Gotchas

In this case there will be a few gotchas on here and some are biggies.

Gotcha 1

Netflix will not work.

WAIT!!! WHAT?!?!?!

Yes let that sink in for a few. Netflix by default blocks VPN connections. If I was to venture to guess I would say this is part of contracts they have with studios so that their content cannot be viewed outside of certain countries. I would also venture to guess this is a money grab and trying to force you to buy more DVDs (yeah I almost forgot what those were too).

While there are ways around this, i.e. google netflix VPN bypass, which I won’t go into here.

Gotcha 2

ISPs adapting.

This is a very real possibility here since they are arguably the reasons that this bill was passed by Congress through lobbying. They could very well start introducing terms in their usage terms that prevent the use of a VPN to maximize their revenue through this potential law.

You might say well I just googled it and saw some VPNs claim they are “stealthy” and “undetectable.” Well move on to gotcha number 3.

Gotcha 3

3 words: Deep Packet Inspection

This was all the rage a few years ago when it was being used on corporate networks. It is essentially a technology that would allow an ISP to detect you are using a VPN. A lot of the vendors of this technology don’t go into details on what all their products can do which is probably because it does more than they want the public to know about. I would venture to guess that some of the higher end solutions are able to tap into a full backbone connection and detect in real time these “stealthy” VPN connections.

Note that I am just a software engineer and not a network or hardware guy so this is just an educated guess based on what I see done in technologies today.

Gotcha 4

This VPN needs to be active on each device you own or through the common pipe to the internet (usually a router).

Most homes have computers, phones, tablets, set top boxes, etc. in them all connecting to the internet. In order to make everything secure you would need to run a VPN on each device which may not be possible since some of these devices do not allow using VPNs.

The alternative is to have your router connect to the VPN and keep it active all the time. Again many routers will not do this and if you use the modem/router combo given to you by your ISP chances are almost absolutely that you won’t be able to do this.

I recommend a 3rd party router using some form of 3rd party firmware that supports this. A great example of this would be any router that supports dd-wrt. You can find more about this project on their page here.

Gotcha 5

This one is following in the profiting from this potential law side of things. Since there are no more barriers to sharing your browser history by ISPs what if the VPN provider decided to do that in place of the ISP for some extra cash?

Well the wording of the law allows this and has no language to block it. So legally they could do this and I am not much of a gambling man, but I will bet that some will do this. I would also bet that due to this unless another law prevents it is a new influx of VPN providers that promise they will not sell your information.

Services Available

Ok now after I have presented all the theory and gotchas, the reader might be curious now as to how to get this service and set it up.

I personally use TorGuard for my systems and can attest that it works very well with extremely fast connections. This is great and runs about $10/month for the service which is very reasonable.

While I cannot recommend any others, in my researching this post I came across a list with plenty of pros and cons of competitors. I will definitely be watching these and my current one as this potential law either goes into effect or gets vetoed (which looks very unlikely).